Soon after South Korean police proudly announced the seizure of $5.6 million worth of cryptocurrency from 124 wealthy tax evaders, they realized a significant oversight: they had inadvertently included images in their press release that allowed a thief to quickly snatch most of the seized assets.
The press release, although eventually removed, was disseminated by local media and tech publications covering the incident.
Bleeping Computer published a screenshot of these images, which featured a handwritten note beside a Ledger device used as a 'cold wallet' to securely store crypto offline. This note visibly contained a full mnemonic recovery phrase, which is a master key enabling anyone to transfer the assets from the cold wallet to a new one without needing any additional PINs or permissions.
Blockchain analysis expert Cho Jae-woo informed a South Korean news site that 4 million PRTG (Pre-Retogeum) tokens, valued at approximately $4.8 million, were present in the wallet when the theft occurred. According to The Block, on-chain data from Etherscan showed that the thief first deposited a small amount of ETH into the wallet to cover transaction fees, then moved the 4 million PRTG tokens in three separate transactions.
On Sunday, South Koreaโs National Tax Service issued another press release, expressing deep apologies for the unauthorized disclosure that compromised the seized assets.
In their statement, the police explained that the images were included to make the release more engaging, but they regrettably failed to redact the crypto wallet password. They admitted there was no valid excuse for this error and confirmed an investigation with national police is underway to track the transactions and recover the stolen funds.